const { verifyToken } = require('../utils/token');
const { unauthorized } = require('../utils/response');

const auth = (req, res, next) => {
  const token = req.header('Authorization')?.replace('Bearer ', '');
  
  if (!token) {
    return unauthorized(res, 'No token provided');
  }

  const decoded = verifyToken(token);
  if (!decoded) {
    return unauthorized(res, 'Invalid token');
  }

  req.userId = decoded.id;
  next();
};

module.exports = auth;